28 Jul Identity Theft Protection Service Leaks User Identities
Security expert Brian Krebs recently explained that LifeLock, an identity theft protection service, may have actually exposed its customers to attacks from scammers and phishers due to a vulnerability on its website.
The flaw was discovered by security researcher and former customer Nathan Reese, who found that he could pull user email addresses from the website using a simple script and the unsubscribe link at the bottom of a LifeLock email as a starting point.
LifeLock is the service offered by companies that have been breached, such as Equifax and Essential to their customers.
Source: ZDNet
